Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

3

Static

static

1

be35cb7b10...8.html

windows7-x64

3

be35cb7b10...8.html

windows10-2004-x64

3

Analysis

  • max time kernel
    149s
  • max time network
    149s
  • platform
    windows7_x64
  • resource
    win7-20240708-en
  • resource tags

    arch:x64arch:x86image:win7-20240708-enlocale:en-usos:windows7-x64system
  • submitted
    24/08/2024, 08:18

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    be35cb7b10b466e9ae26fc7e2a04931f_JaffaCakes118.html

  • Size

    19KB

  • MD5

    be35cb7b10b466e9ae26fc7e2a04931f

  • SHA1

    9bae0dfbf75b376af786bd36f4dfc12dda5a4f80

  • SHA256

    ecc27f2e8622261af0970fe87a906e6701264001e536838fc0fb83049cee7cb1

  • SHA512

    808c8df28d6eb942cea916812de323d736cb75037cd64b83ea8adea6e53e93c08e8ee1b7b062e7b8a5f22a8c188eacbe61a967e0d9b43848a1592b25886a8091

  • SSDEEP

    192:uw5ScLT/5/b1Hb5ne3WEWSVEpFhCHiVnQjxn5Q/A7nQieUuNn8gQnQOkEntaHLU0:0Q/VqaN/h

Score
3/10
discovery

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery
  • Modifies Internet Explorer settings 1 TTPs 31 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\be35cb7b10b466e9ae26fc7e2a04931f_JaffaCakes118.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2432
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2432 CREDAT:275457 /prefetch:2
      2⤵
      • System Location Discovery: System Language Discovery
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2752

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    af2ea280debb05102f65539de96cdc6c

    SHA1

    a8087400bfaf899efe242b5ef438c8f3534de7c0

    SHA256

    c0dcb9ff831659c43c8f2ddaca655c8269e76315818d4fc2bd6c02ced25cfb16

    SHA512

    3802382891c9dabab11a998beb512e5cedff16bb8e8fe20d848480a7af7d826060132b1801f7024122a25c0c615f8cbe342aa8baa9e08582aa7d8a3fe3c28a1e

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    66c59e027656afca9b97210d6d8a949f

    SHA1

    cb3679440838acd9271e390d22f3bca88c3b6f85

    SHA256

    3c6f0f531d4ccf9922f6e718e75a264b9f01979a3b13b38ee2230c7f54710408

    SHA512

    0a96c1f3d42bf9ed2b173ece989b7a89121ca3270040fde3c5281f703edea0a0d5f57b3b8e2fc4e258410d368ae7860388ebf38b50bdcce80d1063aefe5744df

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    2207ffe31046b58b92250cb4e2fbd053

    SHA1

    d8539a6c1831e56df578bc927890d1e048c0c7ad

    SHA256

    62c4522cd352404948436efe64aea1d8ad2e7b302ce487e3e6174280aed4b6cf

    SHA512

    ca26efd67c143118c05bc9390b1dac6483efa4f640ec090c5c17b39b5dce0df87b9e22d7af1a05599e2fd20bc3fb3f1bff07a50309891373bc853f4a9399448f

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    124499776a569f035bddba7c4a67e2b5

    SHA1

    63d47abcda12dc0c0c590979d4ec3ca083caef2c

    SHA256

    cfc57f8cac1215b30ee2101505e8a332feef92c3724c1c96516252a861c1890e

    SHA512

    c38c50b8ffad9d1ccd8a7182b908ae7b527fafd7b0a21d7d09e0a18f0f6655a6c33d8bd1f2385db9d6790d040c673de6296ffc9923ceb06bd4c722ec6677bb9d

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    7cec3fcfa4c9740550560facfca2e3fd

    SHA1

    f64df46780c12f81a2e19e21381b76166b802651

    SHA256

    c24129d23b226edbcfd6c3e1d2c971ea76d01dc35c3a6bebb84887abb49c667a

    SHA512

    8cfbe6183317c5ab2f941c602d5e5e14c7287017f1896c7bb402b8842cd596034b962168fe6b011a0fbaa07f4c1b72e24236a6f201fceccf0b8254446116f548

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    5d92e90efba88777d66dbf37de3e03d8

    SHA1

    82a53c7c540614764513e7557ba5fe9906ec1197

    SHA256

    186dd2e7bc8ed31040497983bce543fcbfd9b16886ace49a539c4624493104c9

    SHA512

    628e2c252ca5cc25d5d510d052ed7c3748d9f981fe6ad0f4a381787b7c1f17990bbe67293bd0ff45215220096f1539d87e94b5d94eafd027d974888e34a0d4ed

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Cab4D08.tmp
    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Tar51EC.tmp
    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

    Download Submit